Wouldn’t it be easy to just disconnect all computers operating critical utility, defense, governmental, financial, and industrial functions from the internet? Sure, software updates and data transfers would still have to be carried out, but it could be done under manual supervision by individuals trained and equipped to spot and resist cyber threats. It would be possible to install robust defenses around critical computers that might not be practical for home or small business machines. For example, using peripheral computers designed to download files and subject them to intense scrutiny prior to copying them to hard media for transfer to off-line computers has long been the practice in the military and intelligence communities. The same machine that runs your electric power grid should not be able to use and receive email or access Facebook and YouTube. Vital data and control could be sent on dedicated, secure links or even on disks through the US Mail!
It appears to me that most connections on computers to the internet (hence, to threats) are required to carry advertising and cookies (not an issue with commercial or government sites) or to automate routine maintenance activities for purely cost-saving reasons (which should not be a requirement for critical sites). Sure, it might be possible to sneak in some malware through these safeguards, but its ill effects would be isolated and would be difficult to propagate to infect still other computers.
The current safeguards, encryption and anti-malware filters, are just part of the continuing arms race between defense and offense. Sooner or later, a clever hacker will breach them. But just pulling the plug seems to be bulletproof. Sure, it would make it expensive and slow to safely access remote data, and would require additional personnel and perhaps specialized hardware and software (also an expense). But it would be just part of the cost of doing business. Purely technological solutions to this problem just make the entire data environment more complex, and additional complexity always means increased vulnerability.
The idea that someone could sit down at his desktop and launch an attack on a bank of top-secret clandestine military uranium-enrichment centrifuges half a world away seems to be ridiculous. And the advantage will always be with the aggressor. He doesn’t have to succeed every single time; it is the defender who must never fail, not even once.